The ever wonderful twitter.com/sweetpavement gave me the following analogy to help me understand the difference between ingress and egress with regards to defining them on 'rules' assigned to Security Groups.
My understanding was helped here when I started thinking of ingress and egress as two separate doors to a building.
Ingress needs to be told where things are coming from, even if they're coming from the service, because they are entering the "in" door, which faces an open street. Specifying the source on these rules is like having an ID badge that lets you through that in door, instead of having to send you to the desk. Even if the request comes from "inside the service", to the perspective of the service it's coming in the in door and so explicitly needs to know whether it has a badge (i.e. is from the 'source' security group).
Egress on the other hand is an out door. The service already knows who is "inside" the building, and it's just trying to send them out the door and to the correct place. Since it knows who is in the building (what traffic is coming from itself towards the "out" door) it only needs rules about where that door should lead, so it's not dumping VIPs into a dark alley where they'll be mugged.